Rajan Kharat
Information Security Auditor (PCI DSS, ITGC And ISO 27001)
Summary
Certified Information Systems Auditor (CISA) and experienced PCI DSS Auditor with strong expertise in IT audit, compliance assessments, and risk management. Skilled in conducting end-to-end PCI DSS gap assessments, compliance validations, and control testing for diverse industries including BFSI, telecom, and IT services. Adept at evaluating IT General Controls (ITGC), application controls, access management, and incident response processes. Proven ability to work with cross-functional teams to ensure compliance with regulatory and industry standards while strengthening security posture.
Overview
9
9
years of professional experience
8
8
Certifications
Work History
Information Security Consultant
Lead Consultant
08.2016 - Current
PCI DSS Auditor
- Conducted PCI DSS audits (v3.2.1 / v4.0), including scoping, evidence collection, and testing of controls for merchants and service providers.
- Performed gap assessments and provided remediation guidance for encryption, key management, and cardholder data storage requirements.
- Reviewed firewall configurations, segmentation controls, access management, and vulnerability management processes to validate compliance.
- Authored ROC (Report on Compliance) and Attestation of Compliance (AOC) documents in line with PCI SSC guidelines.
- Worked with client teams to design compensating controls where standard requirements were not feasible.
- Also worked along with the National Payment Corporation of India (NPCI) to ensure compliance with Information Technology general controls.
- Working with various Asian banks for PCI DSS compliance.compliance
- Performed remote and onsite network penetration testing and vulnerability assessment audits for industry-leading BPOs, call centers, and banks across the globe—mainly in the Asia and Middle East regions.
- Collaborated with third-party payment card industry (PCI) compliance partners.
- Performed application penetration testing audits for mainly banking and credit card applications, shopping cart applications, payment switch, and payment gateway applications, and mobile applications.
- Performed firewall rule-set reviews for the client base across the globe.
Education
Bachelor of Engineering - Electronics And Telecommunication
Bachelor of Engineering From Y.T.I.E.T
Karjat 06.2011 - 2015.08
Skills
External and Internal Vulnerability Assessments
Vulnerability assessment
Cybersecurity strategy
Application security
Network security
Compliance auditing
Network security management
Patch management
Security risk assessment
Problem-solving abilities
Network protocols
Certification
Certified Ethical Hacking
Timeline
CISA - Certified Information Systems Auditor (ISACA)
08-2025
Swift Network
05-2025
Information Security Consultant
Lead Consultant
08.2016 - Current
Bachelor of Engineering - Electronics And Telecommunication
Bachelor of Engineering From Y.T.I.E.T
06.2011 - 2015.08
Similar Profiles
Nikhil John KoshiNikhil John Koshi
DVS Solutions Ltd (Startup) at Lead ConsultantDVS Solutions Ltd (Startup) at Lead Consultant
SENTHIL ANAND SSENTHIL ANAND S
Techolution - Tech Lead Backend Development at Lead Consultant - Mauritius Commercial BankTecholution - Tech Lead Backend Development at Lead Consultant - Mauritius Commercial Bank
RAGHU NekkantiRAGHU Nekkanti
A5E Consulting(Client Nielsen Implementation) at Senior SAP ConsultantA5E Consulting(Client Nielsen Implementation) at Senior SAP Consultant
Gavin WheelerGavin Wheeler
Information Security Consultant at Morning ConsultInformation Security Consultant at Morning Consult
Andrés Morillo BejaranoAndrés Morillo Bejarano
Information Security Consultant at AGESIC (Government Agency)Information Security Consultant at AGESIC (Government Agency)